Electricmonk

Ferry Boender

Programmer, DevOpper, Open Source enthusiast.

Category: security

Exploring UPnP with Python

UPnP stands for Universal Plug and Play. It’s a standard for discovering and interacting with services offered by various devices on a network. Common examples include: discovering, listing and streaming media from media servers; controlling home network routers, e.g. automatic configuration of port forwarding to an internal device such as your PlayStation or Xbox. In this […]

Openvas v8 on Ubuntu 14.04: Login failed. OMP service is down

Recently I suddenly couldn’t log into Openvas v8 running on Ubuntu 14.04 anymore. Nothing had changed about the machine (as far as I knew), but I got the following message when trying to log in with any account: “Login failed. OMP service is down”. The logs (/var/log/openvas/openvasmd.log) showed the following message: lib serv:WARNING:2016-01-19 15h52.12 utc:21760: […]

Batch create new users on Linux

A while ago I had to create many new users on a Linux machine. Since I’m lazy, I opted to automate this process. The newusers command combined with pwgen (to generate new passwords) was the solution. First I installed pwgen, a utility to automatically generate passwords: $ sudo apt-get install pwgen I created a file […]

OpenVAS: Creating credentials is very slow [FIXED]

When creating new credentials on OpenVAS (6, 7 and 8), it takes a very long time to store the credentials. The problem here is that the credentials are stored encrypted, and OpenVAS (probably) has to generate a PGP key. This requires lots of random entropy, which is generally not abundantly available on a virtual machine. […]

SSH ChrootDirectory / sftponly not working [FIXED]

I was trying to set up a jail for SSH on Ubuntu 14.04, but it didn’t seem to work. The user I was trying to jail using ChrootDirectory could log in with SFTP, but could still see everything. Turns out there were a few issues that were causing this. The summary is: All directories to the ChrootDirectory […]

I’ve released cfgtrack v1.0: Get notified of changes on your server

I needed a simple way of being notified when configuration files had been changed on some servers. Nothing fancy. No configuration management, no intrusion detection, no centralised versioning control repositories. Just a simple email saying what’s been changed. I couldn’t find a tool that did just that, and didn’t require massive amounts of configuration, so I […]

Script to start a Chrome browser with an SSH Socks5 proxy

Socks5 proxies are great. They allow you to tunnel all traffic for applications that support Socks proxies through the proxy. One example I frequently use is starting a Chrome window that will do everything as if it was on a remote machine. This is especially useful to bypass firewalls so you can test websites that […]

Can’t save imported OpenVPN configuration in Network Manager

I ran into an issue where I couldn’t save an imported OpenVPN (.ovpn) configuration in Network Manager. The “Save” button remains disabled. It turns out I need to enter a password for the Private Key. Of course, this particular private key doesn’t have a password, but you can simply enter a single space as your password. […]

POODLE: SSLv3 bug summary

Yet Another SSL bug: This time a problem with SSLv3. Most browsers and web servers support SSLv3. Many don’t use it by default; instead opting for higher versions of SSL such as TLS v1.0+. The problem is that attackers can force a downgrade of the negotiated protocol, which will result in the SSLv3 protocol being used […]

Work around insufficient remote permissions when SCPing

Here’s a problem I often run into: I need to copy files from a remote system to my local system. I have root access to the remote system via sudo or su, but not directly via SSH. I don’t have enough permissions to read the remote files as a normal user; I need to be […]

The text of all posts on this blog, unless specifically mentioned otherwise, is licensed under this license.